What is Session Authentication?
Session authentication provides a Single Sign-on(SSO) method, which allows for custom handling of authentication logic.
Session authentication is used when:
- A developer wants to reuse existing OAuth, SAML, or other existing token-based authentication from the Parent application
- Logi Securekey does not work in the environment due to
- IP range limitation
- Distributed, cloud-based architecture
- Complex management of user state. e.g. to synchronize access permissions with parent application's access permissions on every report load
How Does it work:
Before a session starts, custom code processes authentication logic and provides an intrinsically trusted session parameter "rdUsername" to start the Info session.
Add front-facing logic (e.g. myLogin.aspx) that sets up rdUsername as a session parameter before passing to the Info application’s entry-point (rdPage.aspx).
Additional information (e.g. UserRoles, UserRights, TenantID, etc.) can be set to session parameters in front-facing logic. This can be accessed in the application as Session tokens, e.g. @Session.TenantID~.
More information: https://devnet.logianalytics.com/rdPage.aspx?rdReport=Article&dnDocID=2165&dnProd=2#Session
Implementation
1. Create a front-end authentication solution.
Sample myLogin.jsp with in-line scriptlet:
2. Set the Security Authentication attribute of the Security element in the Logi Info application to 'AuthSession'.
3. Set the Logon Page attribute to the front-facing authentication page
4. Set the Logon Fail Page to redirect to a friendly error page or a page that handles failed authentication
<Security
AuthenticationSource="AuthSession"
LogonFailPage="https://parentapp.com/login"
LogonPage="myLogin.jsp"
SecurityEnabled="True"
/>